fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-10 20:44:28 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix double-escaping nickname and homepage of guest author

Browse source
This commit is contained in:
Kijin Sung 2023-05-01 00:06:26 +09:00
parent 581097a9e3
commit 3bf458e9ba
2 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/board/skins/default/write_form.html
View file

@ -58,7 +58,7 @@
<div class="write_author"> <div class="write_author">
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="userName" class="iLabel">{$lang->writer}</label> <label for="userName" class="iLabel">{$lang->writer}</label>
<input type="text" name="nick_name" id="userName" class="iText userName" style="width:80px" value="{htmlspecialchars($oDocument->get('nick_name'))}" /> <input type="text" name="nick_name" id="userName" class="iText userName" style="width:80px" value="{escape($oDocument->get('nick_name'), false)}" />
</span> </span>
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="userPw" class="iLabel">{$lang->password}</label> <label for="userPw" class="iLabel">{$lang->password}</label>
@ -66,11 +66,11 @@
</span> </span>
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="homePage" class="iLabel">{$lang->homepage}</label> <label for="homePage" class="iLabel">{$lang->homepage}</label>
<input type="text" name="homepage" id="homePage" class="iText homePage" style="width:140px"value="{htmlspecialchars($oDocument->get('homepage'))}" /> <input type="text" name="homepage" id="homePage" class="iText homePage" style="width:140px"value="{escape($oDocument->get('homepage'), false)}" />
</span> </span>
<span class="item"> <span class="item">
<label for="tags" class="iLabel">{$lang->tag}: {$lang->about_tag}</label> <label for="tags" class="iLabel">{$lang->tag}: {$lang->about_tag}</label>
<input type="text" name="tags" id="tags" value="{htmlspecialchars($oDocument->get('tags'))}" class="iText" style="width:300px" title="Tag" /> <input type="text" name="tags" id="tags" value="{escape($oDocument->get('tags') ?? '', false)}" class="iText" style="width:300px" title="Tag" />
</span> </span>
</div> </div>
<div class="write_captcha" cond="isset($captcha) && $captcha && $captcha->isTargetAction('document')"> <div class="write_captcha" cond="isset($captcha) && $captcha && $captcha->isTargetAction('document')">

6
modules/board/skins/xedition/write_form.html
View file

@ -57,7 +57,7 @@
<div class="write_author"> <div class="write_author">
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="userName" class="iLabel">{$lang->writer}</label> <label for="userName" class="iLabel">{$lang->writer}</label>
<input type="text" name="nick_name" id="userName" class="iText userName" style="width:80px" value="{htmlspecialchars($oDocument->get('nick_name'))}" /> <input type="text" name="nick_name" id="userName" class="iText userName" style="width:80px" value="{escape($oDocument->get('nick_name'), false)}" />
</span> </span>
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="userPw" class="iLabel">{$lang->password}</label> <label for="userPw" class="iLabel">{$lang->password}</label>
@ -65,11 +65,11 @@
</span> </span>
<span class="item" cond="!$is_logged"> <span class="item" cond="!$is_logged">
<label for="homePage" class="iLabel">{$lang->homepage}</label> <label for="homePage" class="iLabel">{$lang->homepage}</label>
<input type="text" name="homepage" id="homePage" class="iText homePage" style="width:140px"value="{htmlspecialchars($oDocument->get('homepage'))}" /> <input type="text" name="homepage" id="homePage" class="iText homePage" style="width:140px"value="{escape($oDocument->get('homepage'), false)}" />
</span> </span>
<span class="item"> <span class="item">
<label for="tags" class="iLabel">{$lang->tag}: {$lang->about_tag}</label> <label for="tags" class="iLabel">{$lang->tag}: {$lang->about_tag}</label>
<input type="text" name="tags" id="tags" value="{htmlspecialchars($oDocument->get('tags'))}" class="iText" style="width:300px" title="Tag" /> <input type="text" name="tags" id="tags" value="{escape($oDocument->get('tags') ?? '', false)}" class="iText" style="width:300px" title="Tag" />
</span> </span>
<span class="item" cond="$oDocument->get('document_srl') && isset($module_info->update_log) && $module_info->update_log == 'Y'"> <span class="item" cond="$oDocument->get('document_srl') && isset($module_info->update_log) && $module_info->update_log == 'Y'">
<label for="reason_update" class="iLabel">{$lang->reason_update}</label> <label for="reason_update" class="iLabel">{$lang->reason_update}</label>